Agenda Board of Directors • Compliance Committee May 23, 2018 • 1:00 PM – 3:00 PM (ET)
ReliabilityFirst Corporation 3 Summit Park Drive, Suite 600 • Cleveland, OH 44131 Room: 5th Floor Conference Center Attire: Business Casual
Open Agenda
1. Call to Order and Appoint Secretary to Record Minutes
Presenter: Brenton Greene, Chair
2. Antitrust Statement
Presenter: Brenton Greene, Chair
3. Approve Compliance Committee Meeting Minutes
Presenter: Brenton Greene, Chair
Reference: Draft Minutes for the March 14, 2018 Compliance Committee Meeting
Action: Approve Minutes
4. PJM CIP Security Segmentation
Presenter: Bryon Koskela and Steve McElwee, PJM Interconnection, LLC
Description: RF has presented its approach to risk-based monitoring and enforcement to ensure the reliability and security of the RF footprint and drive continuous improvement for stakeholders. In this context, PJM will provide the Compliance Committee with a presentation on a particular effort to continuously improve the security and compliance of its operations.
Reference: Presentation
Action: Information and Discussion
5. 2017 RF Regional Risk Assessment
Presenter: Ray Sefchik
Description: Mr. Sefchik will provide an overview of the 2017 RF Regional Risk Assessment (RRA) and the RRA process.
Reference: Presentation
Action: Information and Discussion
6. Implementation of the ERO CMEP Tool
Presenter: Tony Jablonski
Description: Mr. Jablonski will provide an overview of the implementation of the ERO Compliance Monitoring and Enforcement Program tool. This will include objectives, milestones, and challenges/considerations.
Reference: Presentation
Action: Information and Discussion
7. Hearing Update
Presenter: Patrick O’Connor
Description: Mr. O’Connor will provide a status update regarding NERC’s proposed revisions to the Hearing Procedures. This will include the intent of the proposed revisions and recent updates to further improve NERC’s prior proposal.
Reference: Presentation
Action: Information and Discussion
8. Next Meeting
August 29, 2018 • Cleveland, OH
Closed Agenda
9. Confidential Compliance and Enforcement Matters
Presenter: Jeff Craigo and Jason Blake
Description: Mr. Craigo and Mr. Blake will present confidential matters.
Reference: Confidential Documents
Action: Information and Discussion
10. Adjourn
Roster • Compliance Committee
Brenton Greene, Chair • Independent (2019)
Larry Irving, Vice Chair • Independent (2018)
Ken Capps • At-Large (2019)
Patrick Cass • Independent (2020)
Michael Bryson • RTO (2018)
Draft Minutes for the March 14, 2018 Compliance Committee Meeting
DRAFT Minutes Board of Directors • Compliance Committee March 14, 2018 • Cleveland, OH
ReliabilityFirst Corporation 3 Summit Park Drive • Cleveland, OH 44131
Open Session
Call to Order – Chair Brenton Greene called to order a duly noticed open meeting of the Compliance Committee on March 14, 2018 at 1:00 pm (ET). A quorum was present, consisting of the following members of the Compliance Committee: Brenton Greene, Chair; Michael Bryson; Ken Capps; and Patrick Cass. A list of others present during the Compliance Committee meeting is set forth in Attachment A.
Appoint Secretary to Record Minutes – Chair Greene designated Jason Blake as the secretary to record the meeting minutes.
Antitrust Statement – Chair Greene advised all present that this meeting is subject to, and all attendees must adhere to, ReliabilityFirst’s Antitrust Compliance Guidelines.
Approve Compliance Committee Meeting Minutes – Chair Greene presented draft minutes for the November 29, 2017 Compliance Committee meeting, which were included with the agenda package. Upon a motion duly made and seconded, the Compliance Committee approved the minutes as presented.
Supply Chain Risk Management Standard Update – Matt Thomas provided an update on the development of the new CIP-013-1 Supply Chain Risk Management Standard (Standard). He discussed FERC’s Notice of Proposed Rulemaking for the Standard, including FERC’s proposed modifications to the Standard and NERC’s responses to the modifications. Mr. Thomas discussed ReliabilityFirst’s coordination efforts with NERC and the other Regions to drive consistency in monitoring and enforcement of the Standard. He also discussed ReliabilityFirst’s outreach efforts to ensure entities understand the objectives and requirements of the Standard.
CIP Themes Report – David Godfrey, Vice President of Entity Oversight for WECC, and Kristen Senk, Senior Counsel for ReliabilityFirst, discussed the second edition of the CIP Themes Report (Report). Ms. Senk explained that the Report is a joint effort of ReliabilityFirst, WECC, and SERC to identify themes in deficiencies and mitigation strategies related to compliance with the CIP Standards. She discussed the genesis of the Report and the collaboration with stakeholders on its content. Ms. Senk then led a discussion on the CIP themes of: (1) organizational silos (i.e., lack of coordination between departments, business units, and levels of management) and (2) lack of awareness of the entity’s capabilities deficiencies, systems, and processes. Mr. Godfrey provided WECC’s perspective on the Report, and noted that the CIP themes present in ReliabilityFirst’s footprint are also present in WECC’s footprint. He led a discussion on the CIP themes of: (1) disassociating compliance from security and (2) inadequate tools, ineffective tools, and overreliance on automation. The Committee then discussed Regional outreach efforts to ensure entity awareness of the Report and the CIP themes, and to help entities share strategies to address them.
Review of 2017 Performance – Jim Uhrin provided an overview of ReliabilityFirst’s 2017 Compliance Monitoring and Enforcement Program activities. He provided metrics on the most frequently violated Reliability Standards, method of discovery of noncompliances, and risk profile of noncompliances. Mr. Uhrin noted that these metrics are positive and demonstrate entities’ use of effective internal controls. He then provided metrics on the assist visit program, and discussed the positive impacts of the program. For example, the rate of misoperations in the ReliabilityFirst footprint has significantly decreased, and Mr. Uhrin attributed this to focused entity assist visits on protection systems and misoperations.
Next Meeting – Chair Greene noted that the next Compliance Committee meeting will occur on May 23, 2018, in Cleveland, Ohio. At 2:30 pm, Chair Greene moved the Compliance Committee into closed session. All guests recused themselves at this time.
Closed Session
Confidential Compliance & Enforcement Matters – Jeff Craigo and Jason Blake led a discussion on confidential Compliance and Enforcement matters.
Adjourn – Upon a motion duly made and seconded, Chair Greene adjourned the Compliance Committee meeting at 3:13 pm (ET).
As approved on this __ day of May, 2018, by the Compliance Committee,
Jason Blake, Vice President, General Counsel & Corporate Secretary
Attachment A
Others Present During the Compliance Committee Meeting
Lisa Barton • American Electric Power
Jason Blake • ReliabilityFirst, Vice President, General Counsel & Corporate Secretary
Thomas Breene • WEC Energy Group
Larry Bugh • ReliabilityFirst
Jeff Craigo • ReliabilityFirst
Rob Eckenrod • PJM
Scott Etnoyer • Talen Energy
Tim Gallagher • ReliabilityFirst, President & CEO
David Godfrey • WECC
Jim Haney • FirstEnergy
Deandra Williams-Lewis • ReliabilityFirst
Mark Holman • PJM
Bob Mattiuz • FirstEnergy
Charles Milliken • WEC Energy Group
Jeff Mitchell • ReliabilityFirst
Lou Oberski • Dominion
Ray Palmieri • ReliabilityFirst, Senior Vice President
Matt Paul • DTE Energy
Joe Robinson • DTE Energy
Ray Sefchik • ReliabilityFirst
Kristen Senk • ReliabilityFirst
Susan Sosbe • Wabash Valley Power Association
Jennifer Sterling • Exelon
Matt Thomas • ReliabilityFirst
Jody Tortora • ReliabilityFirst
Jim Uhrin • ReliabilityFirst
Simon Whitelock • ITC Holding
Lynnae Wilson • Vectren
Presentation
PJM©2018
PJM’s Network Segmentation Project
Bryon Koskela, Senior Director – IT Business Solutions
Steve McElwee, Director – IT Compliance & Enterprise Info Security
May 23, 2018
Background
Current network equipment in place from AC² project (2008 – 2009)
Planning for lifecycle replacements provided the opportunity to take a step back
Accounted for changing landscape of security and technology
Multi-year project to fully redesign the network
• Started in 2016
• 2017 firewall refresh
• User network segmentation
Drivers for Network Segmentation
Desire to further segment network zones
Physically separate equipment in certain zones
Used software defined networking capability to enforce ports and services whitelisting
Simplify firewall rule sets
Major vendors shifting network architecture to spine-leaf recommendation
Consistent configuration across a large number of network devices
Ease of patching (many small-port switches vs. few large-port switches)
Process
RFP process initiated
Multiple vendors reviewed
Finalists: Arista, CISCO
CISCO ACI and Nexus 9000 switches winning bid
Datacenter Switch Replacement – Zone Architecture
[Diagram: spine, leaf, and controller layers]
High-Level Zone Design
Compliance Implications
• Firewall remains the Electronic Access Point
• CIP DMZ subzone allows for multi-factor authentication and protocol break for interactive access
• Within the zone the policy set at the controller defines allowable traffic (deny by default), enforcement of authorized ports and services
• May change evidence for ports and services (no UDP scans) and baselines – controller policy
• Controllers potentially EACMS for CIP zone
Compliance Implications
• PJM design has separate physical hardware and controllers in each zone (additional cost)
• Capability exists to virtualize
• Routing within zones, no firewall traffic flow
• Ports and Services enforced
Presentation
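The deny-by-default controller policy described on the two "Compliance Implications" slides above, worked through as an added Python example. This is an illustration written for this page, not PJM's or Cisco ACI's code; the zone names, rules, services, sample flows and the observed-listener inventory are all constructed placeholders. It shows two things the slides only state: that a flow inside a zone is admitted only when an explicit allow rule matches (everything else is denied), and that the same policy can be rendered as an "authorized ports and services" listing per zone, the form of evidence the slide says may replace host-based port scans, and then compared against what hosts are actually listening on.

```python
"""Deny-by-default zone policy evaluator (added illustration, not PJM's code)."""
from __future__ import annotations

from dataclasses import dataclass
from typing import Iterable


@dataclass(frozen=True)
class Rule:
    """One explicit allow entry in the controller policy (constructed model)."""
    src_zone: str
    dst_zone: str
    proto: str      # "tcp" or "udp"
    port: int
    service: str    # label used when the policy is rendered as evidence


@dataclass(frozen=True)
class Flow:
    """A candidate connection between two zones."""
    src_zone: str
    dst_zone: str
    proto: str
    port: int


# Constructed sample policy; zone names and services are placeholders only.
POLICY: tuple[Rule, ...] = (
    Rule("cip-dmz", "cip-ems", "tcp", 22, "ssh via jump host (protocol break)"),
    Rule("cip-ems", "cip-db", "tcp", 5432, "historian database"),
    Rule("cip-ems", "cip-ems", "tcp", 443, "intra-zone https"),
)

# Constructed sample traffic to evaluate against the policy.
SAMPLE_FLOWS: list[Flow] = [
    Flow("cip-dmz", "cip-ems", "tcp", 22),     # listed: allow
    Flow("cip-dmz", "cip-ems", "tcp", 3389),   # not listed: deny
    Flow("cip-ems", "cip-db", "udp", 5432),    # wrong protocol: deny
    Flow("cip-ems", "cip-ems", "tcp", 443),    # listed: allow
]


def is_allowed(flow: Flow, policy: Iterable[Rule] = POLICY) -> bool:
    """Deny by default: a flow passes only if some rule matches it exactly."""
    return any(
        r.src_zone == flow.src_zone
        and r.dst_zone == flow.dst_zone
        and r.proto == flow.proto
        and r.port == flow.port
        for r in policy
    )


def evaluate(flows: Iterable[Flow], policy: Iterable[Rule] = POLICY) -> list[tuple[Flow, str]]:
    """Return (flow, verdict) pairs; the verdict is "allow" or "deny"."""
    rules = tuple(policy)
    return [(f, "allow" if is_allowed(f, rules) else "deny") for f in flows]


def authorized_services(zone: str, policy: Iterable[Rule] = POLICY) -> dict[tuple[str, int], str]:
    """The ports/services a zone accepts per the controller policy: the evidence view."""
    return {(r.proto, r.port): r.service for r in policy if r.dst_zone == zone}


def unauthorized_listeners(
    zone: str,
    observed: Iterable[tuple[str, int]],
    policy: Iterable[Rule] = POLICY,
) -> list[tuple[str, int]]:
    """Listeners seen on hosts in a zone that no policy rule would ever admit.

    `observed` is a constructed host inventory of (proto, port) pairs. Anything
    here is unreachable under the policy but still worth reviewing against the
    zone's baseline.
    """
    allowed = authorized_services(zone, policy)
    return sorted(set(observed) - set(allowed))


if __name__ == "__main__":
    for flow, verdict in evaluate(SAMPLE_FLOWS):
        print(f"{flow.src_zone} -> {flow.dst_zone} {flow.proto}/{flow.port}: {verdict}")
    print("cip-ems authorized services:", authorized_services("cip-ems"))
    # Constructed inventory: tcp/23 is listening but nothing in the policy admits it.
    print("cip-ems listeners to review:",
          unauthorized_listeners("cip-ems", [("tcp", 22), ("tcp", 443), ("tcp", 23)]))
```

The rule match is deliberately exact (zone pair, protocol and port) rather than prefix- or range-based, which keeps the evidence listing one-to-one with the enforced policy; a real controller policy would also carry direction and endpoint groups, which the model omits.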
2017 Regional Risk Assessment Update
Ray Sefchik, Director, Reliability Assurance & Monitoring
May 23, 2018
Cleveland, OH
Forward Together • ReliabilityFirst
Regional Risk Assessment - Development
Identified Risks
Emerging Risks
Inherent Risks
Inherent Risks
• Potential Noncompliances
• Outages (Transmission, Generation, EMS)
• Misoperations
• Cybersecurity
• Physical Security
Historical Reliability and Compliance Performance
Identified Risks
• Critical Infrastructure Protection
• Protection Systems
• Monitoring and Situational Awareness
• Supply Chain
• Human Performance
Key Risk Areas
Emerging Risks
• Cyber
• Predicting Transmission Availability Data System (TADS) Outages
• Renewables
• Fuel Diversity Impacts to Grid Resiliency
• Crime, Unemployment, and Demographics
• Technology and Aging Workforce
• Assessing Low Probability-High Impact Events
• Data Disparity
2018 Risk Outlook
2018 ERO Risk Elements
• Critical Infrastructure Protection
• Extreme Physical Events
• Maintenance and Management of the Bulk Power System Assets
• Protection System Failures
• Monitoring and Situational Awareness
• Event Response/Recovery
• Planning and System Analysis
• Human Performance
• Cyber Security Supply Chain Risk Management
ERO & RF Risk Elements
Conclusion
For the 2017 RRA, ReliabilityFirst focused efforts on key risks identified in previous RRAs
• Included extensive efforts in mitigation of misoperations, as well as cybersecurity and other CIP related issues
After review of the 2018 NERC ERO Risk Elements and the ReliabilityFirst Risk Elements, ReliabilityFirst identified associated Standards and Requirements for increased compliance monitoring focus in 2018
Regional Risk Assessment - Results
Identified Risks
Emerging Risks
Inherent Risks
[Diagram: the three risk categories feed the Inherent Risk Assessments, the Compliance Monitoring Scope & Method, the Compliance Oversight Plans and the Risk Communication Plan(s); the slide labels these links "input", "inform" and "develop"]
Regional Risk Assessment - Coordination
[Diagram: coordination among RAM, RAPA, Entity Dev & EASA, and Compliance Monitoring & Enforcement]
Questions & Answers
Presentation
ERO CMEP Tool Update
Anthony Jablonski – Manager Risk Analysis & Mitigation
May 23, 2018
Cleveland, OH
Objectives
• Increase efficiency of compliance work activities through the use of workflows and collaboration tools.
• Improve effectiveness by improving ability to share and analyze reliability risk and compliance information.
• Ensure consistency in practices and data gathering by aligning common CMEP business processes across the ERO Enterprise.
• Reduce total combined NERC and Regional Entity IT capital investments and maintenance costs for CMEP-related applications.
What does the CMEP Tool include?
[Diagram: CMEP Tool with the labels TFE’s, Compliance Planning, Audit & Spot Check, Self-Certs, Self-Reports, Data Submittals, Enforcement Processing, Mitigation, Security, Complaints Process, Investigations, CFR/JRO Processing, Registration Processing]
Does not include:
RF Team Members
Jeff Craigo – ERO Steering Committee
Anthony Jablonski – RF Coordinator
• SME Group – Standards
Dirk Baker
• SME Group – Risk Assessment
Denise Hunter
• SME Group – Compliance
Kristen Senk
• SME Group – Enforcement
Completed Milestones
Task • Completed
SME Group Questionnaires • June 2017
SME Group Workshop • August 2017
Vendor Demos (BWise, MetricStream and OATI) • October 2017
Vendor Scoring Cards • November 2017
BWise Chosen as Vendor • February 2018
Upcoming Milestones
Process Harmonization • Start • End
Self-Reports and Self-Logging • March • June
Enforcement Processing • May • July
Mitigation Plan Creation and Tracking • July • September
Self-Certification, Periodic Data Submittals, Technical Feasibility Exceptions (TFE) • September • November
Compliance Audit and Spot Check; Compliance Investigations, Complaints • October • March 2019
Compliance Planning • November • April 2019
• Training and deployment schedule in progress and will be announced
Challenges and Considerations
Compromises and consensus needed across the ERO
Timely execution of critical path predecessor efforts (e.g., Entity Registration)
Balance between current processes and out-of-the-box features
Data conversion from legacy systems
Registered entity engagement
Questions & Answers
Presentation
Update on Proposed Revisions to Rules of Procedure
Patrick O’Connor, Counsel
May 23, 2018
Cleveland, OH
Purpose of Revisions
Option to move hearing process to NERC
• Region can change its mind after 6 months
NERC’s stated goals:
• Streamline costs and promote efficiency
• Enhance consistency
• Eliminate ex parte concerns
Hearing Process
[Diagram: Current vs. Proposed hearing process; labels on the slide are RF, NERC, Hearing Officer, Hearing Body, BOTCC and FERC]
Change to Hearing Officer’s Role
Current
• RF Hearing Body
  • 5 Compliance Committee Members
• Hearing Officer
  • Selected by Hearing Body
2016 Draft
• Hearing Body
  • 5 members, including Hearing Officer
  • 2 appointed by RE
  • 2 appointed by NERC BOTCC
• Hearing Officer
  • Selected by 4 Hearing Body members
  • Tie-breaking vote
2018 Proposal
• Hearing Body
  • 5 members, excluding Hearing Officer
  • 5th member appointed by 4 other members
• Hearing Officer
  • Selected by Hearing Body
  • Does not vote on any matter before Hearing Body
Next Steps
No action needed now
• Amended petition pending with FERC
FERC staff has signaled likely approval
Once FERC approves, we would seek Compliance Committee’s endorsement to go to full board for approval
Questions & Answers